Re: Funky Firewall - Engineering Request

Author: der.hans
Date:  
To: PLUG Discuss
Subject: Re: Funky Firewall - Engineering Request
On 08 Jan 2005, George Toft chatted thus:

I suggest putting multiple IPs on the same NIC. It wouldn't be that bad of
an iptables script.

I also suggest continuing to use one outgoing IP for most stuff and only
using the 4 outgoing IPs for the one web site.

If you have multiple people gaming or doing bittorrent stuff it might be
an advantage to give them each their own IP, though.

That's something else. See gaming stuff for how to get this working.

There's also a firewalling tool I saw at the last ASULUG InstallFest that
might already do what you want. I think it was guarddog.

ciao,

der.hans

> I have a problem and am wondering how the brightest Linux brains of
> Phoenix would solve it.
>
> Problem:
> A certain web site that my family enjoys will not allow multiple
> computers from the same IP address to use the site at the same time. I
> currently have a Linux firewall with 2 NICs - one for the Internet and
> one for my LAN running NAT so all of my systems have the same public IP
> address.
>
> Qwest allows me 4 IP addresses, and I would like to take advantage of
> them so we can have more than one computer at the site at one time.
>
>
> Problem Statement:
> Build a firewall that:
> 1. Allows each computer on the LAN to send traffic out a different IP
> address on the Internet side of the firewall.
> 2. Filters all outgoing traffic through DansGuardian/squid.
>
> Essentially, each computer in the house would appear to have its own NAT
> firewall, and I don't want to actually deploy 3 more hardware firewalls.
>
>
> Random thoughts so far:
> 1. Set up box with 4 copies of VMWare running - each with a copy of the
> existing firewall.
>
> 2. Set up usermode Linux and have each one run a firewall & proxy. I'm
> pretty fuzzy on this stuff.
>
> 3. Bind multiple IPs to each NIC, and attempt to set up the iptables
> script from hell.
>
>
>
> Any input/suggestions/advice would be appreciated.
>
>


-- 
#  https://www.LuftHans.com/    http://www.AZOTO.org/
#  Two roads diverged in a wood, and I --
#  I took the one less traveled by,
#  And that has made all the difference. -- Robert Frost
#  I, OTOH, prefer to just go stomping through the desert... - der.hans
---------------------------------------------------
PLUG-discuss mailing list - 
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
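
The multiple-IPs-on-one-NIC approach suggested in the reply, sketched as an added example (not part of the original message): a dry-run generator that prints the ip and iptables commands for review instead of running them. The interface name, LAN range, public addresses and site address are constructed placeholders from documentation ranges.

```shell
#!/bin/sh
# Added example: prints (does not run) per-host SNAT commands for review.
# Every address and interface name below is a constructed placeholder.
EXT_IF="eth0"               # Internet-facing NIC (assumed name)
LAN_NET="192.168.1.0/24"    # internal network (assumed)
DEFAULT_IP="203.0.113.10"   # primary public IP, used for most traffic
SITE_IP="198.51.100.25"     # the one site that limits sessions per IP
# LAN host = public IP to use only when talking to SITE_IP
HOST_MAP="192.168.1.11=203.0.113.10
192.168.1.12=203.0.113.11
192.168.1.13=203.0.113.12
192.168.1.14=203.0.113.13"

# Succeeds only for a dotted quad with four octets in 0..255.
valid_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Emits the commands in the order they must be applied: NAT rules are
# first-match, so the per-host site rules come before the catch-all.
gen_rules() {
    while IFS='=' read -r lan pub; do
        [ -n "$lan" ] || continue
        if ! valid_ipv4 "$lan" || ! valid_ipv4 "$pub"; then
            echo "bad mapping: $lan=$pub" >&2
            return 1
        fi
        # Extra public addresses are aliased onto the one external NIC.
        [ "$pub" = "$DEFAULT_IP" ] || echo "ip addr add $pub/32 dev $EXT_IF"
        echo "iptables -t nat -A POSTROUTING -o $EXT_IF -s $lan -d $SITE_IP -j SNAT --to-source $pub"
    done <<EOF
$HOST_MAP
EOF
    # Everything else leaves from the single default address.
    echo "iptables -t nat -A POSTROUTING -o $EXT_IF -s $LAN_NET -j SNAT --to-source $DEFAULT_IP"
}

gen_rules
```

These rules match forwarded packets only. Requests that pass through DansGuardian/squid on the firewall are sent by the proxy itself, so they leave from the proxy's outgoing address rather than the per-host one.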